From 1e3c19b82374585ed7261bcb1abd6ddd38b5d9f8 Mon Sep 17 00:00:00 2001
From: ReemMahmoud <rfawzy.ext@orange.com>
Date: Wed, 10 Jan 2018 16:04:00 +0200
Subject: Refactor moon_authz

Change-Id: I27dd56f22fa457727568d3fe76ed5fa862ba97ae
Signed-off-by: ReemMahmoud <rfawzy.ext@orange.com>
---
 moon_authz/moon_authz/api/authorization.py         | 22 +++++++++++++++++-----
 moon_authz/tests/unit_python/utilities.py          | 21 +++++++++++++++------
 .../python_moonutilities/exceptions.py             | 15 ++++++++++++++-
 3 files changed, 46 insertions(+), 12 deletions(-)

diff --git a/moon_authz/moon_authz/api/authorization.py b/moon_authz/moon_authz/api/authorization.py
index e939604b..84114466 100644
--- a/moon_authz/moon_authz/api/authorization.py
+++ b/moon_authz/moon_authz/api/authorization.py
@@ -89,16 +89,28 @@ class Authz(Resource):
         # Context.update_target(context)
         if not self.context.pdp_set:
             raise exceptions.PdpUnknown
+        if current_header_id not in self.context.pdp_set:
+            raise Exception('Invalid index')
         current_pdp = self.context.pdp_set[current_header_id]
         category_list = list()
-        category_list.extend(current_pdp["meta_rules"]["subject_categories"])
-        category_list.extend(current_pdp["meta_rules"]["object_categories"])
-        category_list.extend(current_pdp["meta_rules"]["action_categories"])
+        if 'meta_rules' not in current_pdp:
+            raise exceptions.PdpContentError
+        try:
+            category_list.extend(current_pdp["meta_rules"]["subject_categories"])
+            category_list.extend(current_pdp["meta_rules"]["object_categories"])
+            category_list.extend(current_pdp["meta_rules"]["action_categories"])
+        except Exception:
+            raise exceptions.MetaRuleContentError
+        if 'target' not in current_pdp:
+            raise exceptions.PdpContentError
         for category in category_list:
             scope = list(current_pdp['target'][category])
             scopes_list.append(scope)
         # policy_id = self.cache.get_policy_from_meta_rules("admin", current_header_id)
-
+        if self.context.current_policy_id not in self.cache.rules:
+            raise exceptions.PolicyUnknown
+        if 'rules' not in self.cache.rules[self.context.current_policy_id]:
+            raise exceptions.RuleUnknown
         for item in itertools.product(*scopes_list):
             req = list(item)
             for rule in self.cache.rules[self.context.current_policy_id]["rules"]:
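Review bot: The new guard on `current_header_id` raises a bare `Exception('Invalid index')`, while every other check in this hunk raises a typed `exceptions.*` error; any caller that handles the project's error types to produce a clean deny will not match it, so use a typed one such as `raise exceptions.PdpUnknown`. The `except Exception:` around the three `extend` calls also hides unrelated failures and drops the original cause; `except (KeyError, TypeError) as e:` with `raise exceptions.MetaRuleContentError from e` keeps the diagnosis (use `six.raise_from` if the file must run on Python 2). The `'target' not in current_pdp` check does not cover the lookup that follows, since `current_pdp['target'][category]` still raises `KeyError` when a category is missing from the target, so that loop needs the same typed error. Because this is the authorization decision path, each malformed-cache case should end in a known error that fails closed; how the caller maps these exceptions is not visible here, as the method starts and ends outside the hunk.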
@@ -365,4 +377,4 @@ class Authz(Resource):
 
     def head(self, uuid=None, subject_name=None, object_name=None, action_name=None):
         logger.info("HEAD request")
-        return "", 200
\ No newline at end of file
+        return "", 200
diff --git a/moon_authz/tests/unit_python/utilities.py b/moon_authz/tests/unit_python/utilities.py
index 19b9354c..e3a111bd 100644
--- a/moon_authz/tests/unit_python/utilities.py
+++ b/moon_authz/tests/unit_python/utilities.py
@@ -37,11 +37,19 @@ CONF = {
             "container": "wukongsun/moon_orchestrator:v4.3",
             "hostname": "orchestrator"
         },
-        "interface": {
-            "bind": "0.0.0.0",
-            "port": 8080,
-            "container": "wukongsun/moon_interface:v4.3",
-            "hostname": "interface"
+        "pipeline": {
+            "interface": {
+                "bind": "0.0.0.0",
+                "port": 8080,
+                "container": "wukongsun/moon_interface:v4.3",
+                "hostname": "interface"
+            },
+            "authz": {
+                "bind": "0.0.0.0",
+                "port": 8081,
+                "container": "wukongsun/moon_authz:v4.3",
+                "hostname": "authz"
+            }
         }
     },
     "plugins": {
@@ -144,7 +152,8 @@ COMPONENTS = (
     "slave",
     "components/manager",
     "components/orchestrator",
-    "components/interface",
+    "components/pipeline",
+
     "components/wrapper",
 )
 
diff --git a/python_moonutilities/python_moonutilities/exceptions.py b/python_moonutilities/python_moonutilities/exceptions.py
index 2d689287..6db7bf01 100644
--- a/python_moonutilities/python_moonutilities/exceptions.py
+++ b/python_moonutilities/python_moonutilities/exceptions.py
@@ -443,6 +443,13 @@ class MetaRuleExisting(AdminMetaRule):
     logger = "ERROR"
 
 
+class MetaRuleContentError(AdminMetaRule):
+    description = _("Invalid content of pdp.")
+    code = 400
+    title = 'Meta Rule Error'
+    logger = "ERROR"
+
+
 class RuleExisting(AdminRule):
     description = _("The rule already exists.")
     code = 400
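Review bot: The `description` of `MetaRuleContentError` reads "Invalid content of pdp.", the same text as `PdpContentError` added later in this patch, so a log line or API response cannot tell the two failures apart. Since the class is raised when the `meta_rules` categories cannot be read, something like `description = _("Invalid content of meta rule.")` would match the class name and the `title`. A one-line docstring saying when the error is raised would also help, since the neighbouring classes give no hint.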
@@ -542,6 +549,13 @@ class PdpExisting(MoonError):
     logger = "Error"
 
 
+class PdpContentError(MoonError):
+    description = _("Invalid content of pdp.")
+    code = 409
+    title = 'Pdp Error'
+    logger = "Error"
+
+
 class PdpKeystoneMappingConflict(MoonError):
     description = _("A pdp is already mapped to that Keystone project.")
     code = 409
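Review bot: `PdpContentError` uses `code = 409`, which looks copied from the neighbouring `PdpExisting` and `PdpKeystoneMappingConflict` classes, but a PDP entry missing `meta_rules` or `target` is not a conflict with existing state. If `code` ends up as the HTTP status (not visible in this hunk), a value that describes malformed content, for example `code = 400` as `MetaRuleContentError` uses, would let clients and monitoring separate this from real conflicts. Please confirm the intended status and add a short docstring naming the missing-key conditions that trigger it.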
@@ -561,4 +575,3 @@ class PolicyExisting(MoonError):
     code = 409
     title = 'Policy Error'
     logger = "Error"
-
-- 
cgit